Friday, 31 July 2015

Crypto wars

Is the UK trying to ban iMessage, FaceTime, Whatsapp? Seems unclear - they make contradictory statements about encryption being important but also about needing access to communications. Let's try something simple - assume governments get some "back door keys" in there...

If a British citizen with an iPhone purchased in France and roaming in Germany iMessages a Chinese citizen roaming in Sweden using an iPhone purchased in Denmark, which government's keys need to be inserted in the iMessage communications by an American company (Apple) legally based in Luxembourg using servers hosted in Eire?

Baroness Howe at it again

Once again mentioned in The Lords, albeit more indirectly: "One of them even boasted of the fact that it deliberately did not filter". That pretty much has to be us, A&A.

Would she be so condescending to a phone company saying that they do not listen to, and filter, what you say on the phone, I wonder?

Once again, I say to the Baroness here:
  1. We already offer our customers an unavoidable choice regarding filtering when ordering.
  2. We already confirm customers are over 18, and are happy to link to any freely available external validation system that she wishes to put in place for that.
  3. We already provide help and advice for parents wishing to actually be parents and look after their children.
For those that do not know, the choice is like this :-

I have removed the comment about moving to North Korea if you want filtering. At this rate, their ISPs will be suggesting you come to the UK for censorship!

We already (as you see in that image) suggest we can set up alternative DNS (e.g. OpenDNS) that can avoid children accidentally accessing unsavoury parts of the Internet. This is about the best any ISP could actually do as anyone determined to access something can easily bypass the filters any ISPs include.

We also lack the actual evidence that access to porn is harmful anyway. I would be happy to stop my kids (when they were younger) accidentally finding smut on the Internet, but if my son accessed it when he was in his teens, that is not something I could have stopped even if I wanted to, and is there actual evidence that it is a problem? What we need is education so that young adults understand the context of porn - like any fiction on TV depicting unreal scenarios and not "how you do things in a real relationship".

Of course, we also have the fact that such filtering it likely to fall foul of EU wide net neutrality rules that are coming in to place.

We also have the fact that such filters are against mere conduit EU rules, and perhaps even against the Computer Misuse Act.

I assume her Bill will, again, fall flat on its face. If it does not, it seems we will have little problem complying and probably already do.

P.S. Sorry if not obviously, but if you pick the "Censored" option you cannot place your order and the message suggests you choose another ISP. That is a choice anyone can make.

Thursday, 30 July 2015

Nearly slamming

Well, we have found a case where clearly OFCOMs plan for transfers is not designed that well!

We have a customer leaving, moving out of his house, and ceasing service. Fine, no problem

We put a cease order in to BT, only to find that the new occupant has already ordered phone and broadband on the line.

Because their order went in before we put in the cease, the order has gone in as a migrate, causing a 10 working delay for the new customer, which I am sure is much to their annoyance.

Bear in mind, new occupier could have done the order 10 working days ago to align with the day they move in, or a week ago nor realising the 10 working day thing, so an extra week delay. It looks like that did it a couple of days ago. All of this is actually quite sensible for the person moving in, and as a migrate it saves them money...

The problem is we cannot now cease the line. We are stuck with it - in this case for 12 more days and stuck paying for it until then.

Now, this is not a lot of money, but it is more the principle of the matter. We have ceased!

What adds to the problem is our systems have been carefully coded to match the messages we get from BT. The cease being rejected has unset the cease date and billed the customer ongoing (and if left will charge up to the new migrate date) even though our customer asked for it to be ceased.

Obviously we are sorting the billing to our customer, but we have the same issue with BT now. We want it ceased and BT are rejecting that. I think we'll make a billing dispute of this one to highlight the problem to BT.

However, our customer is likely to be exercising his right to treat this as slamming and click the link in the email we sent him and cancel the migrate. He did not, after all, authorise it! This will allow our cease to go through (if we put it in quickly enough), and then new customer will have to order as a new provide and not as a migrate and it will cost them more.

This is a mess! Personally I think our cease should be accepted, stopping billing to us, and if the migrate order had a CRD (Customer Required Date) that was sooner than the 10 working days, move the migrate back to match. That way this scenario would work for us and our customer, and allow the new customer the cheaper "migrate in" option without the extra lead time.

It would also allow us to expedite an outgoing migrate at the request of our customer by submitting a cease after notified of the outgoing migrate. This could be very good for customer service generally.

I'll suggest to BT, but I doubt it will get fixed.

Friday, 24 July 2015

Holy cow - man cave may happen!

Well, the man cave, or garage, or perhaps "Binfield Engineering Centre" may actually come to pass, at last.

First off the boiler needs moving in to the utility room next to the garage, and that means also moving the sink, tiling the floor, new cabinet and cupboards. But that is actually starting with the boiler move on Wednesday. It really is happening!

The council confirmed, finally, that there was no requirement for planning permission as this sort of conversion is "permitted works". They have a pre-planning enquiry form on the web site which was something like £45, and they check if the work needs permission or not. I was able to upload photos and a diagram - the site actually worked quite well. Ironically, I did not have to move from my desk to sort a plan and photo as I just grabbed google earth / street view shots. That is the final hurdle before we actually get started - so the garage is finally going to happen.

Once the utility room is done, it looks like work can start on the garage in two weeks time. Raising/levelling the floor, blocking one tiny window, building wall with door way and windows where garage door was, and so on.

Then I have to really consider the internal fittings, work-top, "bar", shelving, cupboards, sofa, TV, loads of things to think of.

I'll have to start taking some proper pictures of all of this as work progresses.

Update: We have some MDF shelves we need removing ready to re-do the walls... Sandra wants them intact, else this would have been easy! They were not actually screwed to the wall, so should be simple, or so we thought.

  • Looked like jammed in on right/left to plaster board, so I managed to remove the plaster board and wood, and still did not move. I could get it to move away from the wall a bit on the left.
  • James tried - he could move it a bit, but managed to put feet through the plasterboard in the process! Good job we are re-doing the dry lining.
  • James then tried using a tow rope, no joy.
  • James then tried three claw hammers (why do we have three claw hammers?) and was wedging them in at the top and moving them right a bit at a time - no joy.
  • James then tried a car jack, and managed to punch a hole in the plaster instead of moving the shelves.
  • James tried again, car jacking against the brick wall behind, and managed to twist the whole shelving unit but no more.
  • James finally car jacked against the brick wall on the top right, and popped it out - it was simply wedged top to bottom, floor to lintel on the right.
Finally...

Thursday, 23 July 2015

116000 more important than 999?

OFCOM GC20 is not that new, but I had not spotted it before (not good). Thanks to the couple of customers that asked about 116000, and we're routing 116 numbers now. However, reading it has opened a new can of worms.

Oddly it seems to provide some rather onerous and even impossible requirements on a lot of people, and even give OFCOM some powers that seem rather far reaching.

GC20.1 is not too bad as it has a caveat of "technically and economically feasible", and basically means allowing numbers in EU to be called.

GC20.2 is hard to parse, sorry. I'll update when I understand it.

GC20.3 seems to give OFCOM super powers. It allows them to require any telephone number to be blocked for fraud or misuse, but also allows any Public Electronic Communications Services to be blocked for fraud or misuse. Now, PECS covers a mess of definitions, but reading the comms act that covers quite a few things - it could, I think, cover email, for example. This means OFCOM could block email addresses or other things.

This sounds like OFCOM could block any broadband or phone line even as they can block a whole service if they like, for something as vaguely defined as "misuse". That is quite a power OFCOM have granted themselves!

GC20.4 covers international call pricing.

GC20.5 is an issue though: "The Communications Provider shall ensure that any End-User can access a hotline for missing children by using the number “116000”".

GC20.6 is a huge problem: "For the purposes of this Condition, “Communications Provider” means a person who provides an Electronic Communications Network or an Electronic Communications Service."

It is these last two that are the problem - the whole of GC20 only makes sense for public telephone service providers, but GC20.6 means it applies to anybody that provides electronic networks or services even if not to the public. It applies to all types of network and services, not just telephone.

Even the requirements for 999/112 calling only apply where someone provides telephone service that allows calls to numbers in the national dialling plan. i.e. a naked DSL does not have to do 999. An incoming calls only line with no dial tone does not have to allow 999. This seems to mean that access to 116000 is massively more important than access to 999/112 in OFCOMs eyes.

And to be honest I am not sure what the hell 116000 is meant to be for - if I had a missing child I'd call the police. Why the hell is a special number needed for this? Will there be a stolen bike helpline next? This is not even the equivalent of childline for kids to call, which might make sense as a special EU wide number. Why the hell is 116000 so special that it has to be callable even from lines and services that would not have to allow 999/112 calls?

This also means that broadband only lines are no longer valid - we have to allow 116000. It means SDSL, EFM, fibre Ethernet are not allowed as they all have to ensure access to 116000. It means BT's new single order GEA (FTTC without phone line) will not be allowed as it has to allow 116000. It means a wifi provider (even if not providing to the public) has to ensure access to 116000. Does your wifi at home (assuming you "provide" it to others in the house) ensure they can call 116000?

What the hell are OFCOM thinking this time???

01189998819991197253
We're all big fans of the IT Crowd at A&A :-)
Posted by AAISP on Thursday, 23 July 2015

Wednesday, 22 July 2015

Private mobile data networks

I read the story about Jeeps being hacked. Scary!

What is interesting is the total lack of security on the mobile side - it seems the manufacturer had SIMs on Sprint mobile network which simply operated on private IP addresses but still on Sprint's network. This allowed anyone with a Sprint SIM to access the cars systems.

One of my customers just commented on irc basically "Should've gone to A&A", in that we do private network data SIM cards for UK use where the SIM connects back to us, and can connect on to a private LNS on a corporate network allowing the IP traffic to be private to that network. It would, with a very simple set up, allow someone to run a completely private corporate mobile network from one SIM card upward for very low cost.

But this is "simple", in that it allows open, unencrypted, IP traffic to and from the mobile device and the corporate network relying entirely on the mobile and ISP networks to provide that security. It works well. It is great for things like iPads and the like that can "just work" out of the box and find themselves on the corporate LAN behind the corporate firewall without a complicated VPN set up.

Of course, doing this for cars would have the issue that you just get one of the SIMs from a car and have access to the car network. This, fortunately, is one line of firewall config on the LNS to stop car to car traffic (he he "traffic", and "cars", sorry, LOL).

Even so, and even though this is a solution we sell, this is far from the solution that should be used for access to a car! The link should use a secure and validated encrypted communications channel - essentially a VPN. This would allow the car to be sure that it is talking to the manufacturer, and would also allow the car to communicate safely via any IP connection to get there (WiFi or mobile) and so not tie the manufacturer to one SIM/mobile set up.

Hopefully they will learn! It sounds like there will be laws to make them learn!

Friday, 17 July 2015

Watches2U really are scum

Not only did they offer me "5% off my order", having ordered a "sale" watch, with no stated catches on the offer, and then not honour it (adding catches after I did what they said)...

Not only did they add me to a mailing list without my consent...

But having confirmed they have removed me from their mailing list, it looks like they did not, and I am getting email from another domain (toffgroup.com) trying to sell me more watches (I only have one left wrist) so clearly I am on their mailing list.

I'd complain to the ICO if I thought the ICO were actually any use!!!

Tuesday, 14 July 2015

More scum?


This pops up for customers from time to time and we are getting sick of explaining that they are not us and we did not ask them to survey our customers. It appears to be a scam, in my opinion. It just happened to me having followed some click-bait from Facebook.

Technically they claim to just be a third party, no association with us, and so on - it is all in the small print.

But I have to wonder what legally we can do to stop this. It is upsetting our customers and abusing our good name.

I am unsure if they are actually breaking any laws here. It "feels" wrong, but maybe it is all legal. I simply do not know.

I am actually surprised they worked out my IPv4 at home is Andrews & Arnold Ltd. It is listed as Thrall Horde on RIPE and the route entries show it via two separate ISPs, only one of which is A&A.

Who's the data subject?

Making unsolicited marketing calls to TPS numbers is unlawful.

Continuing to hold and process personal data when requested not to, and having no reason to, is unlawful.

So either way, unwanted "junk" calls should be possible to handle somehow.

Sadly someone has given my number with her name on a loan application. I am now being constantly hassled (asking for her).

These are not marking calls (as such) as far as I know.
These are not unsolicited - in that someone asked them to call.
And the contact details they have do not have my name.

Am I even the data subject? My number on its own is not really personal information as it does not allow me to be identified (as reverse phone lookups are meant not to be allowed). The name is not me. So even if together they are personal information, I am not the data subject?

I'm not the intended recipient of the calls.

Are they breaking an regulation or law by constantly calling for this person? Even harassment, they are intending to harass this other person, and not me!

Arrrrrg!!!!

Saturday, 11 July 2015

Ban random numbers

At the moment it is not illegal to send random data - assuming you are not trying to screw up someone's computer by doing it.

Well, sort of. It is slightly more complicated. This is where I am not a lawyer and I know someone will tell me if I have this wrong. There may be some sequence of events where sending random data may be an issue...
  1. Let's say I send random data - something that is completely legal
  2. I, or the recipient, would have to be suspected of something for there to be a legitimate intercept of that - and somehow the random data are seen as key to some case against me
  3. The prosecution will have to show beyond reasonable doubt that the data are encrypted data
  4. They then ask me for keys, or to decode it, as per RIPA
  5. At that point the proof is the other way - I'd have to show that I don't have the keys (because it is random data)
  6. As I cannot show I don't have the keys, I could be in trouble.
That is, I think, how things stand legally, at the moment... There are several problems with the above. For a start, encrypted data normally has headers and protocol elements that say it is encrypted data. It is unusual to send raw encrypted data with no header, but quite valid technically to do so. So, proving my data are encrypted and not random may be hard - it is unusual to send raw encrypted data but also unusual to send raw random data. On a balance of probabilities, maybe that would be assumed to be encrypted data, but I think the proof has to be beyond reasonable doubt. If I had any plausible excuse for sending random data, I should be OK. One excuse would be that I am vocal at the stupidity of such laws, or perhaps I am deliberately running an app that sends random data for that reason. Of course, I could also send some encrypted data occasional, and no way to tell it apart from the random data!

This is a problem for the state - if people start sending raw random data, and people send raw encrypted data with no headers that looks like raw random data, then a prosecutor would not be able to establish that the data are encrypted. Claiming it is random data would be plausible deniability.

So, the only solution would be knee-jerk legislation to ban sending of random data. That way, they catch you either way - encrypted and not handing over keys, or random, either way, you are breaking the law - and a government that ensures everyone is breaking the law one way or another can control the people better. Sorry, paranoia overload there...

Unfortunately that has a huge problem. Random data are everywhere. Anything that samples reality - a phone call, audio recording, photograph, video, anything, has huge amounts of random data and sampling noise. If you ban random data you ban all video and pictures and everything with a random component.

So, let's not ban all random data, quite - let's allow it in funny cat videos shall we?

Sadly, that gets you back where you started - you can include encrypted data in the random noise in images and videos and audio. If you allow that, you allow covert encrypted communications.

So, I guess random data are safe after all - for now - as are cat videos and so are the people wanting to continue to use encryption covertly. I do wonder about making a mobile app that deliberately sends random packets at random intervals just for fun.

Friday, 10 July 2015

Late payment penalties - good or bad business?

We have always charged commercial customers late payment interest. When the Late Payment of Commercial Debts (Interest) Act 1998 came in we charged the statutory interest, and when penalties came in with The Late Payment of Commercial Debts Regulations 2002 we started to charge those.

Is this good for business or bad?

There is a down side - occasionally someone that thinks it is OK to routinely pay late will leave and get service from someone else. That is not ideal, but on the other hand, neither is paying late. We try, with such people, to find payment terms with which they are happy. As an ongoing service we can do what payment terms you like - if you want 6 months to pay invoices, fine, we'll charge you for the month that is 6 month hence, and give you 6 months to pay. We can be very accommodating - but on a serious note, the standard terms like 30 days, and "end of following month" we do fine as well.

We have had a few cases, which we don't really do any more, where we agreed not to actually invoice the late payment penalties, but show them on the statement anyway. After many years the customer left and was surprised to get invoiced the statutory late payment charges dating back many years. People need to know that late payment penalties are a part of every commercial contract in all of the EU. We are not being special here...

But late payment, and in particular the attitude to the statutory late payment penalty, tells you a lot about the finances of a customer. Some people make mistakes and are very apologetic - they get our sympathy and get let off (this time). Those that pay late and then rant about it are different - they usually have a problem and are failing to hide it.

On one rare occasion we paid a supplier late by mistake and insisted they get their late payment charges. We take a lot of care to pay suppliers on time.

We just had a perfect example of where this works in our favour just today. We have very few where it does not work in our favour, especially with a policy of letting people off the first time.

A customer that had a very strong attitude on late payment. Indeed, he said

It is, however, my policy not to deal with companies that impose any kind of late payment charge and I am surprised that previous payments have been made.  Unless I get confirmation that no further late payment charges will be added to my accounts, I will take steps to cancel all services with AA.

Well, I replied...

As I am absolutely sure you know, I could make a signed notarized contract, signed in blood and sealed with the company seal, that we will never charge you late payment charges again. Then I could still charge them and enforce them via the court. This is because, by law, such an agreement is illegal and void.

However, I am prepared, none the less, on my honour as a gentleman going to state that we will NOT charge any more late payment charges provided that you, on your honour, as a gentleman, agree not to pay any invoices late in future.

I trust that you agree that is a very fair deal.

No reply. But he then moved all lines away, having now paid in full, including the penalties.

That was last month. Today - we received the insolvency notice from their liquidators, and they owe nothing.

Yay for late payment penalties... It could have been very expensive if they were still customers.

Ban multiplication!

We have seen cries to ban encryption by the UK government (and others). They are couched in wording to try and get some sympathy for this, such as "there can be no safe places for terrorists to communicate", and that they only want to ban "strong" encryption. They have even said there have to be "back doors" in software. It is still not clear what they want. These are all ways to say "ban privacy for law abiding citizens".

One of the problems is getting through to people why this sort of request is totally insane, and so I am going to try and make it simple. Encryption is a bit like a mathematical function. So, just for a moment, let's imagine the call is to "ban multiplication". I am sure that being able to multiply is as useful to terrorists as to the rest of us.

Can you just ban this for the bad people?

Well, no. It is hard to see how you can tell if someone using is using multiplication, and if they are, if they are doing so for good or bad reasons. If you had multiplication banning orders, you'd have to tell the suspects they are banned, and they would know they are suspects. The only way is to ban everyone using multiplication.

This is the same with encryption - well, more so. You cannot see what the encrypted data is, so you cannot tell if someone is a viable suspect even. If they are a suspect you cannot stop them using encryption without telling them to stop, which kind of gives the game away. The only way is to ban everyone from using encryption, even the 64 million of us in the UK that are not terrorists.

Would banning multiplication work?

Obviously not - anyone that wants to multiply would still do it. They may not make it obvious what they have done, but I am sure, if it is useful to them, they would multiply still. If they are a criminal, why would they not be prepared to commit one more crime?

This is the same for terrorists and encryption. Terrorists would be able to use encryption and can easily hide that they have done so. Only legitimate, law abiding people and businesses would not be able to use encryption.

Can we stop multiplication by making the manufacturers of calculators stop it?

Well, you could make a law, and it would apply to calculators. Nobody making them would be allowed to include the multiplication function. We'd have to make sure nobody brought one in it the country - checking at ports and confiscating anything that can multiply. But hang on - multiplication is not that hard - people can do it with pen and paper or in their heads, stopping manufacturers does not stop that? And what of someone that just writes their own calculator app for their phone or PC?

This is the same for terrorists and encryption - most encryption software is actually "open source" so has no manufacturer to act on, and you can encrypt using nothing more than pen, paper and dice. If iPhones were banned, or even "any iPhone except the special UK version" was banned, it means checking people at airports for illicit iPhone smuggling. But anyone can still get encryption for any phone or computer that allows you to load your own software as it is freely available.

Can we make manufacturers add a back door?

Perhaps allow multiplication, but make the manufacturers of calculators have something that logs what was multiplied, so we know. But again, what if people don't use calculators? And even if they did, surely the calculator manufacturer could log two different numbers that multiply to give the same answer, giving the impression they are complying but not actually doing so?

The same is true of encryption - again, most encryption software is free and exists already. Even if you did encryption by hand you could log (post off to GCHQ?) keys that decrypt what you sent in a way that looks like you are complying but does not actually reveal the real message.

Could someone else use the back door?

Well, obviously, if the calculators are logging what was multiplied, even though you actually wanted it kept secret, someone else might be able to look at that log.

This is true for encryption - if you make it weaker or you create logs or back doors - you make it easier for terrorists, criminals, hackers, competitors, anyone to access your data. It makes you massively less secure.

Is this comparison silly?

No! Encryption can be done in a lot of ways and computers are good at it, but you can make impossible unbreakable encryption with nothing more than a pen and paper, and mathematics that are actually as simple as adding up - not even as complicated as multiplication. When I said let's pretend encryption is multiplication I was making it harder in some cases!

As per one of the comments: There is an excellent paper on the subject published this week...

Running up that bill

What happens if you try and stitch someone up and not pay your bills?

Please don't get the idea that we sue people all of the time - in all my decades in business we have sued fewer than half a dozen people - sadly there are some things that cannot be resolved without going to court. Fortunately most things can be resolved amicably. However, if you do ever need to go to court, it is worth knowing a bit about how it works in practice - whichever side of the table you are sitting.

It is also worth pointing out that we followed this case through to the end - not to be vindictive - but because this person was being so (in my personal opinion) devious and slippery that we really wanted to understand if the legal system really can get there in the end. If it didn't, we'd know when to give up in future. So thanks for the education on this one...

As ever, having been to court, the case is public record, and as such I believe can be reported. I am happy to correct any errors in my reporting of events here. However, we are not mean, and things do seem to have worked out eventually, so I'm not naming him.

The story is pretty simple, and as always we have learned some lessons. He used a business name, got some data SIMs, used some data (tens of pounds a month) and paid on DD, all was well.

Then he started using a lot of data on one SIM - we spotted this, and contacted him. It got to a £884 bill for a month. He bounced the direct debit.

Well, this is where the excuses start - says he will be paying soon - doesn't understand why such high traffic. We investigated (as requested) and explained that it is someone watching a video surveillance system remotely 9-5 solidly (SIM is apparently connected to CCTV). We also explain it will be cut off as not paid.

To be fair - if it had stopped there we would have considered that there was some aspect of "misunderstanding" going on. He did get the warning of usage at a much lower level (e.g. £50), but ignored it, apparently thinking he'd get a warning every £50 for some reason. We'd certainly have tried to work out some sort of payment schedule (we did offer this I think). But he insisted we not cut off the SIM as that would be breach of contract and he'd be paying soon, honest...

He ran up £1200 bill for next month - and at that point we cut him off, obviously. One lesson learned and coded very quickly is a system to issue interim bills for usage. We don't set limits normally (customers can set warnings) as that is a key part of the service, but we need to know when someone is not paying, so interim invoices will catch this a lot sooner in future.

At this point the excuses came really thick and fast. To be honest I really think this was massively feigned misunderstanding - usage of the SIM is not complicated and we explained what was happening and offered to stop just that SIM even. Things like not knowing who it was that was accessing the CCTV. Things like the CCTV access was via TalkTalk so they pay TalkTalk for the internet access, why are A&A billing (well, duh, it is usage of the SIM!). Insisting our metering is wrong. Just excuse after excuse. He knew how it worked after the first bill, so all of this was just making up excuses.

Several offers to pay which didn't happen, and eventually we had to issue a county court claim. Shame, but really not much choice. This service is one we have a straight cost for usage by the MB and so not simply a case where even a mistake by a customer can sensibly be waived. There are some services where costs are less direct and we can be a lot more helpful for mistakes or misunderstandings, but not here. We also have the fact that he knew, at £700, exactly how it worked and what he was paying and did not take any action to stop further charges.

He says he will defend it, and refuses an arbitration calls. His defence was basically that a data SIM from Three is not this much so why are we so expensive!

He did try one classic excuse at one point - the old "it was not me that ordered, it was someone else". It was ordered in his name, so our stock response worked fine: "Either it was you or someone ordering on your behalf with your permission, in which case you are liable, or it was not, in which case it is criminal fraud and the police need to be involved and we'll pass on all the recordings of calls we have had with you"... He decided against a fraud investigation.

He moved the case to Dudley court as he purchased as an individual under a trading name. Oh well. We sent people to Dudley, and he turned up with nothing. No defence, just more excuses. He said something about his business partner or something, anyway, somehow he convinces the judge that he will be able to get some evidence and some sort of defence if he has more time! The judge allows this and adjourns the case but orders that he has to pay our costs for going to Dudley regardless. Indeed, if they are not paid then there will not be a new hearing, just a case in judgement by default. Only £245 in costs (travel, overnight stay), and he promised to pay, but doesn't.

So case of judgement in default, simple.

Again, he promised to pay by some future date, and so we waited, and he did not pay.

We paid for bailiffs, they went round, he had excuses. First off, he says the warrant is not valid as he is not at number "1a" but at number "1" in this street. Now this is devious, buying a service with a slightly wrong address in the first place. We spoke to bailiffs and convinced them to carry on (we'd just get the court to re-issue the warrant if not). The bailiffs gave the impression they knew him quite well. They said they cannot get access (he has a gate). He then insists that he has an application in to the court to suspend the judgement or something. Then he apparently sent it to the wrong court. Then he says he did not send it as it was going to cost him money. Each step caused extra delay of many weeks. Months down the line now, and eventually bailiffs give up!

Now, bear in mind, at this point it was nearly a year since this all started - he managed to delay and delay at every stage, and kept offering to pay by the end of next week or some such excuse to add more delay.

I had never had a case get to the bailiffs saying they cannot enforce the warrant before. This was new. I wondered if being bloody awkward had somehow worked for him...

But no, there were two more steps we had - one is the High Court Sheriff. For yet another fee we could transfer the case to the Sheriff. So we did.

Again, he gave them excuse after excuse, and again they could not gain entry (not allowed to break in). Months passed, and we were seriously looking at how you get someone declared bankrupt. My theory was that he would want to find the money (bank loan perhaps) rather than have us actually declare him bankrupt which would cause him a lot of hassle for many years.

However, it seems the High Court Sheriffs are good :-) They even hassled neighbours, apparently! I guess asking when he is in, that sort of thing, but making it clear they were after him for money. Somehow this finally worked, and he applied to the court to pay in instalments. To our shock and horror he is actually paying. It will take him (another) year to pay up but we are finally getting paid, though we don't know for sure that he'll keep paying. It is, of course, quite fair and proper that if he cannot pay in one go, he should pay what he can over time, and we told the court we were happy with that.

We think (and asking Dudley county court was not helpful) that in future one can simply go to the High Court Sheriffs in the first place rather than bothering with the local bailiffs. We'll find out next time we ever have a case.

Well done to the justice system.

I would, however, like to say that Dudley county court is a nightmare (in my personal opinion). They simply lose paperwork. We had special delivery and recorded delivery paperwork signed for, and they deny getting. We had one case of faxing them (as well as posting), calling and confirming they have the fax, and the next day they deny receiving it. They charged the wrong amount for a warrant, and then had to post a check back rather than refunding the card. I think even that went wrong somehow. They messed up the transfer to the High Court Sheriffs somehow as well. The judge was OK, insisting on our expenses, but the admin people in Dudley were useless. But overall, finally, a good outcome.

Thursday, 9 July 2015

No smoking signs

This original rant pre-dates my blog. I even made a web site about it which I have since removed, and collected pictures of violations.

Whilst, in general, I applaud the ban on smoking indoor in public places (the main complaint being that one can no long use pub beer gardens if you don't smoke! I.e. the rule do not go far enough), I was particularly annoyed with the stupidity of the laws on the no smoking signs themselves.

Many premises had no smoking signs (symbol of lit cigarette, red circle and line through it, maybe "No Smoking" text as well). But the new law (Health Act 2006) required no smoking signs displayed at every entrance. The regulations for England, Wales, Scotland and Northern Ireland, were all different. Indeed, it was not that easy to make a single sign design that met all of the requirements. Some needed to be "any shape, but A5 area", some had to be rectangular, some needed extra wording. The size requirements for the symbol varied. It was a stupid bureaucratic mess. It also meant that all of the existing "No smoking" signs that were in place were no longer valid!

The law was hugely ignored - lots of premises had no signs, lots had old signs, some had new signs but the wrong ones for the country in which they were displayed, and many did not have signs on all entrances. Almost every train had a sign that was too small, meaning they could be fined for every carriage. I also had an issue with having to advertise the law - people are expected to know the law, and we don't have "No stabbing" signs, do we!

What I have just noticed, and am surprised was not more widely mentioned, is a new regulation: The Smoke-free (Signs) Regulations 2012 which revokes the previous regulation and simply says "At least one legible no-smoking sign must be displayed in smoke-free premises in accordance with the duty at section 6(1) of the Act."

I still think it is daft making the requirement to have a sign, to be honest. That is something anyone managing a building (and with an obligation to stop smokers) would put up anyway. But the new regulation is simple, and does not dictate the stupid different formats - well, at least in England - I cannot see for sure that it has been sorted in Scotland, Wales, or Northern Ireland.

Monday, 6 July 2015

TV licence loophole

Radio transmissions were licensed.

Whilst it is less so now, with mesh technology and pico cells and so on, the concept at the time made sense. You have a limited resource that covers a wide area or even a country, and as such you need licensing to ensure it is not abused.

This included licensing of radio receivers, which was odd, and clearly just a money making exercise. It is only the transmission in the limited resource space that needed controlling and hence licensing.

This included Radio and TV licences, which has diminished to just TV licences. The idea of charging more for colour (and less for someone that is blind, FFS) is crazy. Again, you should only need to licence the transmitter really.

I recall as a student I had no TV but had a radio receiver which was a BBC micro teletext box. This confused the fuck out of NTVLRO. At the time, the interpretation was that if you videoed (e.g. VHS) something you needed a licence to play the video not to record it. This sort of made sense as the fee depended on whether you viewed in colour or black and white. The licence was for you personally receiving the TV signal (watching it). This changed later to being the recording equipment needing a licence and nobody believing you had a black and white TV any more. At the time we had a big debate as teletext is black and white dots only so I said I only needed a black and white licence. They felt I needed a colour one. The teletext was used to stream BBC micro programme code! It came down to the received BBC micro programme listings - if the listing had colour (in-line colour character codes) then viewing the listing needed a colour licence (if you had a colour monitor), but if it was all plain text then only a black and white one was needed. I suspect the pedantry was strong in this one, even at such a young age - I have not improved much.

But more and more changes mean that "Live streaming over IP" is now something that needs a Wireless Telegraphy TV licence. That is mad, and to be honest a loophole that needs plugging.

The "iplayer loophole" some mention is madness. The loophole is allowing licence fees for live streaming over IP where no wireless telegraphy is involved, and to be honest the whole basis for charging a radio licence is long since obsolete.

If they want to charge for player - then make it a subscription service - simple, and no pen pushers and other vultures getting in the way of the money going to the BBC. But don't fuck about pretending it is a "licensing" issue.

If we start licensing streamed individual videos, I will want my cut for some of my youtube videos.


Update: Thanks for debate on irc.

OK, where does the BBC fit in?

I think there are things that are at different levels.

Some things fit at a level of national infrastructure and things we all need or may need and somehow need to be paid for by all. This is things like NHS, and so on that need to be paid out of general taxation.

I think there are things that are not viable on a pay as you go basis, but not universal for general taxation, and need to be charged on a class of use basis. Things like perhaps road and fuel tax based charges that go to pay (in theory) for roads and infrastructure. But that there is some choice with people whether they are in that class and pay towards that class of infrastructure. This is complex, especially roads, as we all want an ambulance or Tesco van to be able to get to our house via roads even if we do not have a car, etc. Also, such taxation is rarely pigeon holed to its target budget.

Finally we have services we use that can be worked on a pay for what you use basis. These can be state provided services, but something we pay when we need, and not something we have to pay a share to. Of course you then have competitively provided commercial services as the final logical step.

Ultimately these are points in a spectrum of socialist to capitalist models.

No, I have no bloody idea where BBC fits in this - but pinning it to an antiquated model of radio spectrum usage tax is mental and needs changing.

When is a 5% discount not a 5% discount?

I ordered a new watch as mine seems to be having issues. It is many years old now. I googled for a new one, saw a range of on-line shops selling them, and ordered from one. I picked Watches2U as they had a good price and the web site looked sensible.

I selected the watch and then got a pop-up offering (as you can see) "enter your e-mail below to get 5% off your order".

There was no caveat, or *, or T&Cs, or whatever, just that I had to enter my e-mail. So I did, and got a discount code by email.

I entered the code and ordered, but the order did not show the 5% discount. Well, actually it did, but showed 5% discount and -£0.-0 as the amount! I queried it and I was told that as per the terms on the email I could not use the discount code on "sale" items (which appears to be pretty much all of their web site).

Of course, I am somewhat annoyed at being duped. Indeed, it seems I have been added to a mailing list as well - without asking me. As far as I can see, they made an offer and I accepted. Indeed, when offering a discount off "your order" I had already selected a watch (that was on sale), so it seems very reasonable to expect the discount to apply to my order. I think adding terms in the email sent after I have accepted their offer is not really on.

The really stupid thing about it is that I would have not had any problem if there was not a 5% discount on offer. It is not a lot of money. But now they have offered me a discount which I have accepted, and then been denied to me, I am cross and annoyed. I have raised a complaint via google now as they are a "google trusted store".

Their 5% offer has made an unhappy customer, even if this is resolved and I get my discount.


Update: Google not interested in fixing, and Watches2U not interested, so reported to trading standards.

OFCOM - plot thickens

I am making progress, and it is worth explaining some of the misunderstandings. Having read the General Conditions more and discussed more with OFCOM I can see some sense in their replies and some misunderstanding on my part.

However, it seems a slight mess.

They seem to only want to regulate consumer charges for these 084, 087, 09 & 118 calls, but they have made definitions that implicitly regulate inter CP charges in a subtle way.

They define that the retail service charge must be the same for all retailers. This was my original assumption and the big issue being how we find what he service charge is.

However, reading more, they define "service charge" as what we pay to the ongoing carriers.

Now, these two definitions can only be both correct if the ongoing carriers charge us exactly the "service charge" defined for each range as set by the range holder.

In fact, neither carrier does that - they both pay BT the standard service charge for each range and hence charge us that plus a small amount to cover their costs. This means that the "service charge" as defined by OFCOM is not the same for all retailers.

It is a cack-handed way to impose rules on carriers charging carriers - by making two definitions that are only non contradictory if the CPs charge each other in a certain way.

Now, this puts the carriers we use on the spot - they will have to charge us the "standard" service charge for these numbers, but they then need to negotiate a discount on what they pay BT to make their own profit on such numbers. BT may not be keen on that, but I see no reason why that should not be the case.

The other odd thing is that I, as a consumer, assumed the service charge went to the end telco, or even the operator of the number, and the access charge is what paid to get the call there. This is not the case. The way OFCOM define it the access charge only pays the originating telco. The cost of getting the call on to the end terminating telco is all taken out of the service charge. So if you use a premium rate number to pay a charity at say "£1/call plus telco access charge", that is not £1 going to the charity even though you may be paying hugely over the top of a "normal" call for the access charge element on top.

What a mess. Waiting on latest OFCOM response.

Update: Why is the BT carrier price list not being updated? Well, from what I just heard today, BT are taking the sensible view of "why the hell should we be the ones to compile this list of charges" and arguing with OFCOM too. That is hearsay, but interesting and plausible.

Update: Getting resistance from carriers, and no reply from OFCOM - this needs sorting.

Sunday, 5 July 2015

Rationality

I have been pondering rationality. We all (I assume) like to think that we are rational to some extent - that we consider the available information and make decisions to achieve the most favourable outcome. Of course, if it were that simple there would be no free will and we would all agree.

It is not that simple - for a start we do not all have all of the information, or the same information, and the information we have may be wrong. A key part of assessing information to make a decision is predicting the future, and we all have different luck and skills in that. We also have lots of bias based on our previous success in predicting the future. There are a huge number of psychological effects that are well documented that create lots of bias in our decision making processes.

The other obvious factor is how we decide what is a favourable outcome. We "feel" that we want certain things and certain outcomes, but what makes us feel that way is not necessarily rational in itself. Ultimately "what makes us happy" is a key factor, or perhaps "what we think will make us happy". I don't know how that comes about - our previous experience, genetics, what?

One of the reasons I was pondering rationality is seeing again the phrase "We are all atheists for almost all gods in human history, it is just that some people take it one god further". I was pondering the impossibility of debating religion with people. It is not totally impossible, but often one hits a brick wall where any rational debate falls down.

A rational debate involves one party trying to change the mind of the other - and if we assume people are rational then that means changing one of the parameters. Change the available information or change the perceived future prediction based on providing other experience of such predictions, or perhaps even change the views of what is a favourable outcome. It is not always possible, but in an ideal world it should be possible for two parties to agree the set of facts and rules and hence find that they have to agree on a decision.

I find it quite useful in a debate to try and get people to "step back", and try to agree on the desired objectives, and then how one measures success against those objectives. You can then back track to considering the alternatives and assessing against the agreed metrics to reach a decision on which all parties must agree (having agreed the test / metrics to follow).

Religious debates do not always follow such "logic", sadly. For a start - people are rarely prepared to specify their objectives in such debates!

If the world had one religion you could almost understand that the religious would not fathom the arguments of the non religions. But when there is a world with lots of religions, you end up with each group believing a set of arguments in favour of their own religion, but somehow dismissing the identical set of arguments presented by an opposing religion. It means that one person has to somehow hold conflicting logic and apply it differently depending on the context.

To be honest, that is a clever trick!

I am reminded of the electric monk: “The Electric Monk was a labour-saving device, like a dishwasher or a video recorder... Electric Monks believed things for you, thus saving you what was becoming an increasingly onerous task, that of believing all the things the world expected you to believe.”  One of its key features is described later "The man from the Monk shop said that it needed a whole new motherboard, but then pointed out that the new improved Monk Plus models were twice as powerful, had an entirely new multi-tasking Negative Capability feature that allowed them to hold up to sixteen entirely different and contradictory ideas in memory simultaneously without generating any irritating system errors, were twice as fast and at least three times as glib, and you could have a whole new one for less than the cost of replacing the motherboard of the old model."

Saturday, 4 July 2015

Honestly?

Well, I am surprised to see this on the tube, and apparently on newspaper adverts as well.

I am impressed that Virgin Media are finally being a bit more factual over how their network works. It uses COPPER coax cable and not fibre optic cable to link to your home.

They are also right that coax can provide better performance than a simple copper pair in many cases.

Well done.

Well, except that their web site still gets it wrong...


But a big step in the right direction. Well done Virgin. They may be a competitor in some ways (though not really, as we don't really go after the same customers most of the time), but I am always in favour of honesty in advertising and describing a service.

By the way, we do bonded VDSL that provides high availability and high speed that rivals a coax cable service and uses just copper pairs, but that is beside the point, and not as cheap.

Of course, real fibre is better than either of these.

15 minutes of fame is not enough...

I was on Sky News again this morning - I am getting quite good at getting to Millbank studio and back reasonably efficiently now - leaving Bracknell at 9:02 by train and getting back in Bracknell by taxi at 11:59 for my grandson's birthday party.

A woman from IWF was meant to be debating with me, but she insisted on doing her bit first rather than a discussion/debate. I think I managed to get some of the key points over, and as usual I was not going up against the IWF and I agreed with a lot of what she was saying.

The problem is really that you cannot properly discuss and debate these issues in a 5 minute slot - and to be fair a "15 minutes of fame" slot would probably not be a lot more help.

The IWF (Internet Watch Foundation) work to remove child abuse images from the Internet. Much of this is acting on reports and tracking down the hosting company to get the content removed. They are rightly proud at how well this works in the UK, but when the material is hosted outside the UK they have to work with other organisations in other countries. Sadly they are not as efficient or as effective. Obviously I agree that such material should be tracked down and removed (though I don't agree on illegality of cartoons which has led to some silly cases, but that is another debate and I may yet be convinced otherwise).

The point where it gets contentious is where the IWF have a block list and ISPs use this (pay for it) to block access to some web site URLs (specific image files on web sites). It is not that contentious really with the IWF - they have pretty much always said that this block list is to stop people accidentally accessing material which would be illegal to possess. They don't claim that this block list is a tool to stop child abuse or creation or distribution of child abuse images. It stands to reason that blocking one specific unencrypted protocol for access to material which is illegal is not going to help much. Anyone wanting to access such material can no doubt find it by many other means and protocols over the Internet, many of which cannot be tracked or effectively specifically blocked. If the process of removing content is fast and effective then the block list is pointless even to stop accidental access.

The woman from the IWF did not raise the blocking issue specifically, but the interviewer did ask what ISPs can do, and whether we should be doing more. This is where the debate really starts to unravel and go in slightly different directions.

My view is that ISPs as communications providers should not have to concern themselves with what is communicated. This is a long standing principle (mere conduit) where we are not liable for what is communicated. It is not just some handy cop-out but a key factor in ensuring we even have an Internet. If there was liability for content, or a requirement to monitor police communications, it is hard to see how even a phone network, let alone the Internet, would have been commercial viable.

The problem with this view is that it sounds uncaring, understandably. But I also feel that any attempt to force monitoring, policing and filtering on ISPs is the thin end of the wedge. It opens up the possibility of extending beyond the original remit, and we have already seen this happen where copyright related court orders have been effective on ISPs that have the IWF blocking in place. Ultimately this has also led to the filtering and blocking offered by so many ISPs now at the request of the government. If there are not a ISPs like us standing up for the right to work as mere conduit we will wake up and find ourselves in a police state with approved media and content only.

However, there is another argument against filtering this sort of content - and I made that point in the interview - that the technology is changing and encryption is becoming the normal way we communicate on the Internet. This means that it is difficult or impossible to tell what someone is doing when they communicate. Identifying the "server" is not good enough, you need to tell a lot more about what is communicated (e.g. specific web pages on web sites) otherwise you cause all sorts of collateral damage. This is even more the case as servers end up behind NAT and mapping gateways and people make use of content delivery networks, and so on.

This leads the the counter argument (which is where we simply don't have time on such a short slot on TV) that we need to be able to see through encryption. This is where we start on the current government madness of trying to ban [strong] encryption. Well, I have lots to say on that, and much I have already said, but that is for another time.

Maybe some day I'll get a chance to be in a longer debate on the matter.

Wednesday, 1 July 2015

OFCOM's latest folly

Some phone numbers have had "special" charges for some time.

0845 was "local" and 0870 was "national" and this dates back to the times that local and national call charges made sense. The problem is that over time these have stayed expensive as inclusive packages and lower costs have meant that "normal" calls (01, 02, 03 numbers) are lower.

There have also been various "Premium rate" services, which OFCOM can regulate (as Communications Act says they can). These are now generally in 09 numbering.

The problem is that it is a mess. Some numbers cost as much as £6 a call, some are free, and it is not clear. Mostly 09 is expensive and 08 is not so much. People using 0845 and 0870 are being encouraged to move to 0345 and 0370 at "normal" rates.

So OFCOM have made some rules and said that the new system applicable to 084, 087, 09 (and 118) calls is that they have a service charge and an access charge. The service charge is set by the range holder, and the access charge by the telco you use to make the call.

The idea is that instead of saying "Calls charged at 50p/min from a BT landline but may be more from other operators and much more from mobile" you now get "Calls charged at 50p/min plus your telcos access charge".

Sounds sensible, until you realise many retail telcos, even BT, have an access charge of 10p/min and one charges as much as 44p/min. This access charge has to be the same over all codes (except those "inclusive" in bundles) which makes a mockery of those that are 1p/min or 5p/min, etc.

It will confuse people that services advertised as "1p/min plus your telco's access charge" are costing them 45p/min from some telcos!!!

But it is worse - how does a telco know what the service charge is. After all, no telco has contracts with every service provider (range holder) directly. So they have a contract with some carrier (maybe even BT directly) to route the calls. As a telco, how do I know what to charge for a number.

Well, OFCOM have distanced themselves from any responsibility saying we have to look at the contract we have with our carrier to find the cost of the service charge. However, they have only made this new system apply at retail to consumers, and not to our carriers. It seems our carrier does not have to do anything. To be fair, they are, mostly, doing something sensible, but OFCOM are not insisting that they do. They don't have to tell use the service charge for each number.

OFCOM suggested the BT Carrier Price List as a reference, but if I was BT I would expect OFCOM to pay me to run that database! OFCOM won't actually tell me what the service charge is for each number even though they REQUIRE that I charge calls to that number based on the service charge (and my access charge). That is MADNESS!!!

Seriously, WTF are OFCOM on?

1. No definitive list of service charges. BT CPL is already wrong and out of date.
2. Access charge means calls cost massively more than they used to for many numbers.

If, as OFCOM have said, telcos should use the contracts with their suppliers as the reference for service charges - what is to stop a telco selling all 084/087/09 at £10/min, and its customer using that as the reference for all such numbers? Not OFCOM rules for a start - heck! these rules do not apply to "business tariffs" let alone CP to CP tariffs...

We already have issues that OFCOMs right to regulate Premium Rate numbers comes from the definition in the Communications Act. We have a few 0871 numbers that were never "Premium rate" and we still provide no "service" via these, only communications (fax to email) as per their original numbering plan allocation. As such OFCOM have no legal right to regulate our use of these numbers as "Premium rate". Thankfully it is mostly academic but they really lack clue some times.

Update: OFCOM have stated "The charges that you apply are a contractual matter between you and other elements in the supply chain." which makes no sense. It means that we basically can change whatever we want as the other elements in the supply chain supplying us have no reason to follow the new OFCOM rules (as we are not consumers). It means that the price consumers get charged is not fixed or clear at all.

Update: OFCOM now suggest we contact each and every range holder, having previously suggested the BT CPL which seems incomplete. I have asked them to confirm which GC compels a range holder to tell us the information.

Update - based on replies from OFCOM:-

It appears there is no regulatory requirement for a range holder to tell us the service charge for a number range. They may have a contractual incentive to tell parties they contract with, but not us.

It appears there is no regulatory requirement for the CPs with which we have a contract to tell us the service charge for numbers they route. As we are not consumers, but another CP, there seems to be no regulatory requirement for the charges we pay to be based on a service charge plus access charge or for any access charge to be consistent. As such, even though we may know what we pay for a call, we cannot, from that, determine a service charge to charge our customer.

So, it seems, OFCOM have made a regulation but have failed to join the dots and provide a means for us to comply with that regulation.


OFCOM tried to maintain a master list and failed - yet they expect every single tiny telco to somehow maintain such a list in order to comply with the regulations. If OFCOM can't manage it - how the hell are we expected to? Heck! OFCOM have a legal ability to require telcos to answer questions and still they did not manage this!

Update: I have re-read the GCs, and the "service charge" is defined as the charge set at the first CP handover point, i.e. what we pay to carriers. That means that when an advert says "calls cost 20p/min plus your telcos access charge" it will not in fact be the case. We would charge the "service charge" which is what we pay (which is more than 20p/min) plus our access charge. What a crazy system. I have asked OFCOM to confirm.

NoT - the quiet week

The new OFCOM Notice of Transfer system for broadband migrations has been going for over a week now.

This means that this week is quiet - migrations have been changed from 5 working days to 10 working days (by the regulator acting in interests of the customer, of course?!). As most migrates are on this minimum lead time, this means no migrates (in or out) completing this week.

We think it is going well from our point of view. It is a little hard to tell yet but I think we are gaining on average. This makes some sense as we were always easy to get a MAC from (and it was on-line and automated) but people dreaded calling other ISPs to get a MAC to move to us. So maybe that is good for us.

We have not yet seen a slamming on broadband - either from us, or an accusation of us slamming (e.g. one of our new customers mistyping details on our order form). I wonder when the first will be.

We have managed to make our internal systems much more orthogonal and allow nice PGP signed emails to customers for key events (the OFCOM required ones, and some not strictly required such as when migrates complete). The changes to our terms and billing system seem to have worked, with only minor transitional issues. The new early termination charges system is working as planned and saving customers money. Overall I am quite pleased with how it is going. Not that OFCOM pay us for all this work we have to do...

We have seen one person who is moving to us who has not received any notice from existing provider, and indeed, the existing provider (when questioned) says there is no migrate happening. That will be a fun one to watch.

We had a surprise - BT used to have a real issue with "pending orders" stopping any other order and importantly stopping any faults being reported. After decades of this being a pain, it seems the new NoT process has prompted BT to fix this - allowing a fault to be reported whilst a migrate is pending. The other surprise is BT stating that cancelling orders has no cost - solving the moral issue of who pays for a "Cancel Other" order as both ISPs have good reason for it not being them!

This also makes some scenarios simpler - people moving in to a new house. It was always best if they can migrate the existing service, but that meant getting the previous occupant to get a MAC and hand it over. Now, the new occupant can simply order service for the date they move in.

Update: Seems more than half of migrates that are outgoing end up in a state that cannot in fact have tests run or fault reports done for the 10 workings days that a migrate is pending. BT are working on fixing this!